Device Networks


Device ExternalNetwork provide context that can be used for authenticating Remote Devices.

Remote Devices are using an ISP network of some kind, be it cellular, DSL, cable, fixed-point wireless, etc.

The Redwood filter engine detects which network the device is connecting by analyzing both the reverse DNS hostname and Start of Authority (SOA) of the IP address. If the IP address has neither the reverse DNS or SOA specified, Network detection will fail.

The Log Cabin Console has a large number of networks predefined. If your device is not on one of these predefined networks, create a new network from the relevant Reverse DNS or SOA information.


Finding the Reverse DNS

Find the reverse DNS hostname of an IP:

  1. Linux or OS X: host 74.92.67.117
  2. Windows: nslookup 74.92.67.117

Finding the SOA

Find the Start of Authority (SOA) hostname of an IP:

  1. Linux or OS X: host -t soa 74.92.67.117
  2. Windows: nslookup -type=soa 74.92.67.117
[root@system ~]# host 74.92.67.117
117.67.92.74.in-addr.arpa domain name pointer 74-92-67-117-Philadelphia.hfc.comcastbusiness.net.

The relevant part of the hostname is the TLD plus one segment. From the example above, the hostname to use is:

comcastbusiness.net


CIDR Notation

CIDR Notated IP Ranges are also supported, but should only be used if the IP does not have reverse DNS or SOA information available.